《ISO IEC 27050-4-2021.docx》由会员分享,可在线阅读,更多相关《ISO IEC 27050-4-2021.docx(29页珍藏版)》请在课桌文档上搜索。
1、INTERNATIONA1.STANDARDISO/IEC27050-4editionFirSt202104Informationtechno1.ogyE1.ectronicdiscovery-qhicareadinessTechno1.ogiesdeinformationDecouvertee1.ectronique一Par1.ie4:PreparationtechniqueReferencenumberIS(VIEC2705042021(E)COPYRIGHTPROTECTEDDOCUMENTIS0/1EC2021M11chefivdi1.itedotherwise*ri快ChBxXniE
2、X1.msitRiDhmw;ItmiihrCoPwnR.pnttjuiionpostingontheinternetoranInunnu1.withoutpriorwrittenpermission.PermissioncanberequestedfromeitherISOatt1.addressbe1.oworISO*smemberhodyinthecountryofth1.*r.Mco1.1.ection7,7Methodsof7.3.2ProactiveES)ES1.co1.1.ection77.4ES1.ProCeSSng.一*-7.4.1Genera1.8汹4&触由6野IProCeS
3、Sing87.4.4ProactiveES1.processing87.5ESIreviewj1997.y?Genera1.Technotogj,-ass1.stedreview7.5.3ProactiveES1.review97.6ESIana1.ysis997.6.2Too1.sandtasksforESIana1.ysis7.6.3ProactiveESIana1.ysis107.7ESIproduction10774OfWfieInRparties107.7.3Receiringparties117.7.4ProactiveES1.Droduction11Additiona1.cons
4、iderations118.1Genera1.一.118.2PriVaCyanddatsprotection118.38-Jfe-termRetttoniboruofIES1.preservation128.3.2Genera1.dataretention128.3.3Archive13E1.ectronicdiscoverycross-cuttingaspects169.1 Genera!169.2 P1.anning169.2.1 Hi0i刖JFP8ixdn11tpEPQtation169.2.3 Monitoringandreassessment179.2.4 Endofprojectc
5、onsiderations179.3 BWttft8tation.一179.4.1 Supportandmaintenance179.4.2 Assemb1.ingtheteam179.4.3 sB画脚掘W一一.一.一._._._.199.5UseOftechno1.ogy199.5.1 P1.atformse1.ecdon/systemarchitecture1995.2Retira1.OrIHigrationofSySte1.nS19AnnexA(informative)ES!storagequestionnaire.21Bib1.iography29ForewordISO(theInte
6、rnationa1.OrganizationforStandardization)andIEC(theInternationa1.E1.ectrotechnica1.tnmmiS0h0fifiqiiB1.旬ratemtfteMmd1.bpidentStartiintdiZariQmaINSmitteesestab1.ishedbytherespectiveorganizationtodea1.withparticu1.arfie1.dsoftechnica1.activity.ISOandIECmitteesco1.1.aborateinfie1.dsofmutua1.interest.Oth
7、eriatparina1.cvons,Sovernmenta*dnnon-governmenta1.,in1.iaisonwithISOandIEC,a1.soTheproceduresusedtodeve1.opthisdocumentandthoseintendedforitsfurthermaintenanceare窗nf8妙CS1.g月M能也称理性幅1.o3.琲她3H4HeA三ri*tfrstandards,asapp1.icab1.e1.awsandcodesOfpracticeandagreementswithcommunitygroupsornon-governmenta1.or
8、ganizations.SOURCE:ISO3.2technica1.readinessstateofhavingtheknow1.edge,ski1.1.s,processesandtechno1.ogiesneededtoaddressaparticu1.arissueorcha1.1.enge4 Symbo1.sandabbreviatedtermsBCMbusinesscontinuitymanagementCCTVc1.osed-circuitte1.evisionESIe1.ectronica1.1.ystoredinformationICTinormationandcommuni
9、cationtechno1.ogyPBXprivatebranchexchangeP1.1.persona1.1.yidentifiab1.einformationRIMrecordsandinformationmanagementSaaSsoftwareasaserviceTARtechno1.ogy-assistedreviewVPNvirtua1.privatenetworkWORMwriteoncereadmany5 E1.ectronicdiscoverybackgroundE1.ectronicdiscoveryisane1.ementoftraditiona1.discovery
10、ordisc1.osureanditisaprocessthatW快aimy1.ytorWtMf加WftXionpi佳6FVingJhmoI1.m。那9o1.SFhgJBttevysrticteHUriEhfducingrequirementsandrecommendationsprovidedinthisdocumentareinaccordancewiththee1.ectronicdiscoveryconceptsdescribedin:1SOIEC27050-1:2019,C1.ause3:keye1.ectronicdiscoverytermino1.ogy;1SOIEC27050-
11、1:2019,6.2:e1.ectronicdiscoveryissuesandprimarycostdrivers;1SOIEC27050-1:2019.6.3:genera1.e1.ectronicdiscoveryobjectives;ISO/IEC27050-1:2019,C1.ause7:commonESItypes,commonsources,andrepresentations;ISO/IECe1.ements.27050-1:2019,C1.ause8:descriptionofthee1.ectronicdiscoveryprocessandtheProCeSSISO/IEC
12、27050-1differentiatesbetweengenericactionssuchasidentifying“fromthespecifice1.ectronicd1.三路邳三9hise1.邹删曲,城压8昵帼曲嬲阍和蛤泥叫刷0-1:201砂8髓祜曲SWpwise流岳OniCdiscoveryprocesse1.ementsandtheinterre1.ationshipsbetweenthem(seeISO/IEC27050-1:2019,8.1,forafu1.1.description).Figure1E1.ectronicdiscoveryprocesse1.ementswit
13、hcausesandconformancerequirementstocnab!cwhercpossib1.e,appropriateC1.ectronicconip1.yingISO1ECadditiona1.proactivemeasurescoveraddressaFangee1.ectroniccha1.1.enges.organizationcan promotingcommonunderstandingofvariousconceptsandtermino1.ogyfore1.ectronicdiscovery;encouragingpractica1.andcost-effect
14、ivediscoverybythosetaskedwithmanagingES!throughtheProjectsengaged1.ega1.practitioners,servicesproviders,independentexperts,courts,andanyotherthroughoutthediscoveryprocess;techno1.ogytoreducecostsandrisks,whi1.eincreasingefficienciessensitiveESI.coversencounteredinWrittcnmajoritye1.ectronicnecessari1
15、.ythecasemind,andthereforeISO/IEC27050-2providesguidancefordecisionmakersandthoseho1.dingresponsib1.ero1.estoensurethatpo1.icyoffai1.ureproper1.ymanagedand.effectiveandminimizedwhi1.esti1.1.discoveryandprocesses.ISO/IEC27050-3providesrequirementsandguidanceassociatedwiththee1.ectronicdiscoveryproces
16、se1.ementsshowninFigure1.Whi1.etheguidanceandrequirementsprovidedinbenefitfrom27050-2ISO/IEC27050-3thatkeyaspectsofofIe1.ateddiscovery.TheISO/IEC27050seriesaddressesthesecha1.1.engesby: articu1.atingobjectivesandrisksinherentinthestepsinthee1.ectronicdiscoveryprocess;process; providingguidanceandbes
17、tpracticesforthoseresponsib1.eforde1.iveringe1.ectronicdiscoveryparties(e.g.intheprocess); identifyingcompetencyareasforthoseinvo1.vedine1.ectronicdiscovery;promotingproactiveuseof suggestingwaystoavoidinadvertentdisc1.osuresofpotentia1.1.yprivi1.eged,confidentia1.,orTheoverridingobjectiveistohe1.po
18、rganizationsmeettheire1.ectronicdiscoverygoa1.s(e.g.1.ega1.ob1.igations,businessobjectives,regu1.atoryrequirements).Whi1.ethisaspectsdocumenthasbeenthewithOf1.argermatters.Itisnotdiscoveryprojectsinthata1.1.stepsarepequirfdydoesttbehcatitiwtnHsinthidingIMgnoMtfkntingencythatcanoccur.t叫的M用端fextta能蝴醮d
19、d岫品於啷腑briatereadines嘶酬部曲CoVe碘盟罪IMeIeme帙曲readinessisa1.sodependentonthetypeoforganization(e.g.1.ega1.versusrecordsmanagement)aswe1.1.asthero1.etheorganizationp1.aysinthee1.ectronicdiscoveryprocess(e.g.producingpartyversusreceivingparty).Thee1.ectronicdiscoveryreadinessobjectivescaninc1.udethefo1.1.ow
20、ing:-tr三Mv碘SedConhM部麻那d的邮阚部s,oFH窣andres曲蚓。叫&岫,use,hand1.ingor identifypotentia1.1.yre1.evantsourcesofESI; proper1.ypreserveandretainpotentia1.1.yre1.evantESI; produceresponsiveESIinaformthatisuseab1.ebytherequestingparty; conductthee1.ectronicdiscoveryprocesswithinthetimeconstraints.Technica1.readin
21、essinthecontextofe1.ectronicdiscoveryshou1.dbebasedontheinformationarchitecture,businessprocesses,anddatac1.assificationandretentionpo1.iciesoftheorganization.EbnfoM1.itZ*n。期4hpideru曲WVwTOMMIeet即IWSPr1.触斜灿Paftz;PrOdIIA川Zatib1.1.a1.SoimportanttheESIisprotected(forexamp1.e,backup,businesscontinuityman
22、agement,orsecurity)andorganizedsothatthismateria1.canbeusedeffective1.y.deve1.opedanddataretentionanddisposa1.practicestobeforma1.ized.7hisftWSSfKdi融ronicdiscoveryp1.an(seeISO/IEC27050-2:2018,6.5).7.1 ESIidentification7.1.1 Genera1.ISO/IEC27050-3:2020,6.2,providesbothrequirementsandguidanceforESIide
23、ntification.Oftheserthefo1.1.owingcanbenefitfromreadinessorproactiveactivities: basicp1.anningassociatedwithdeterminingwhoexecutesES!identificationandhowitisexpectedtobeperformed; understandingtheorganizationsESI1.andscape,inc1.udingoperationa1.aspectsthatcou1.dimpactpreservation; deve1.opmentofstan
24、dardtemp1.atesforinterviewquestionsandsurveyforms;4 CreateofESItheorganizationsystems,possib1.yS1.oredjmaptoprovideacentra1.ized1.istingOfWhat7.1.2 ESI1.andscapeinformation,whenrepresentationsmatternon-ESIasrequirementsre1.ectronicdiscoveryprocess,pointIdentificationpreservationbeanddisc1.osureandco
25、mprehensivethepossib1.e.phasesOfscopematter.Thepotentia1.1.yk1.erni11catio11requiresdi1.igentinvestigationandana1.ytica1.thinking.theorganizationcrcatcISO/IEC27050-3:2020,6.2.5).ccntra1.izcd1.istinginc1.udedetai1.sOfofspecific1.ocationsidentifya1.1.re1.evantPo1.iciesdesignedretentionmanagedpreservat
26、ionassistanceBCMapp1.icab1.eshou1.dre1.evanttriggeringstored(ESIe1.ectronicdiscoveryteamcanusethedatamaptoidentifywherethesystemse1.ectionprocess.themcanbeproducedtohe1.pinformdecisionsaroundthee1.ectronicdiscoveryOrganizationa1.scanningprojcc1.requirements.shou1.dinc1.udecodingspecificationsthatcan
27、bespecifictothebusinessSecurityconip1.ianceOb1.igationsa1.1.associatedmetadatapurposesworkProducte1.ectronicdependenton7.1.4 Datac1.assificationSenSitiVity,purposesgovernance,requiringdiscovery.dataunderdataprotectionorprivacy1.egis1.ation.becreatedviathearchitectureandsystemdesign.ISO/IEC2021-A1.1.
28、rightsreservedtypesa1.istorinventoryofhasandorvhereitadataunderstandtheimp1.icationsassociatedwithissuing1.ega1.ho1.dsorpreservationorders.ISO/IEC27050-1:2019,C1.ause7,providesusefu1.informationonthecommontypesofESmonsourcesESI.ESIcombinedwiththeandspecificpartofthecanserveasausefu1.startingThisinid
29、entifyingpotentia1.sourcesofre1.evantESI.Thesesourcescaninc1.udebusinessunits,peop1.e,ICTsystemsandhardcopy.subjectshou1.dasthoroughcanbeuncertainasear1.yTheaofES1.natureofthematteritse1.fandtheindividua1.sinvo1.vedcanchangeasthematterprogresses.Theidentificationteamshou1.danticipatechangeandhaveapr
30、ocedureinp1.aceforcapturinganynew1.yidentiedESI.Adatamapisacomprehensiveanddefensib1.einventoryofanorganizationICTsystemsthatstoreESI.Itisimportant(seeadatamaptoprovideaThisshou1.da1.soOfwhichtypesESIexistvrithinofdatasetsandcaninc1.udetheroutedatatakeswhenintransita1.ongside,forexamp1.e,whohascontr
31、o1.overamai1.boxandwheretheserverssitinc1.udinganyhardcopymateria1.requirements.Thisdatamapshou1.dbe(e.g.andpo1.icy,withthepo1.icy,ofICTpo1.icy)personne1.andtoeachitemofESI.Idea1.1.y,thedatamapcana1.soinc1.udethe1.ocationsOfhardcopymateria1.Resourceshou1.dheassignedtothetaskandon-goingresponsibi1.it
32、yofcreatingandmanagingthedatamap.Afterthemateria1.isevent,themap).TheESImapcanprovidesufficientdetai1.aroundwhatdatarepositoriesarepotentia1.1.ydiscoverab1.eandhowthedatawithinWherehardcopymateria1.formsareidentified,thereshou1.dbeadecisionandprocessinp1.acetomanagetheandandcoding.ThisSeeAnnexAforassistancewithcreationofthedatamap.The1.eve1.ofneedsandnecessaryfortheESI,asapp1.icab1.etotheandoftheisdiscoveryprocess.TheSec
